nanog mailing list archives
Re: Schneier: ISPs should bear security burden
From: dlr () bungi com (Dave Rand)
Date: Fri, 29 Apr 2005 02:07:17 -0700
[In the message entitled "Re: Schneier: ISPs should bear security burden" on Apr 28, 10:20, "Steve Sobol" writes:]
There are some basic rules of thumb you can use. The problem is that they're not guaranteed to work. The best solution was created years ago (Gordon Fecyk's DUL, which lists IP ranges the ISPs specifically register as dynamic/not supposed to host servers) and eventually came under the purview of Kelkea/MAPS, but there wasn't a ton of ISP buy-in. If we could create a similar list and actually get ISPs to register the appropriate netblocks (and not mix in IPs where servers are allowed, and IPs where they aren't, in the same block), that'd be great.
Dunno what a ton of ISP buy-in is, but the MAPS DUL now contains about 190,000,000 entries. We've been working on it very hard for the last year or two. Most ISP-level subscribers figure it stops a pretty large percentage of the compromised-home-computer spam. --
Current thread:
- Re: Schneier: ISPs should bear security burden, (continued)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 27)
- Re: Schneier: ISPs should bear security burden Sam Hayes Merritt, III (Apr 27)
- Re: Schneier: ISPs should bear security burden Greg Boehnlein (Apr 27)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 27)
- Re: Schneier: ISPs should bear security burden Petri Helenius (Apr 27)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 27)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 27)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 27)
- RE: Schneier: ISPs should bear security burden Olsen, Jason (Apr 28)
- RE: Schneier: ISPs should bear security burden Owen DeLong (Apr 28)
- Re: Schneier: ISPs should bear security burden Dave Rand (Apr 29)
- Re: Schneier: ISPs should bear security burden Steven J. Sobol (Apr 29)
- Re: Schneier: ISPs should bear security burden Dave Rand (Apr 29)
- RE: Schneier: ISPs should bear security burden Miller, Mark (Apr 29)
- RE: Schneier: ISPs should bear security burden Steven J. Sobol (Apr 29)
- Re: Schneier: ISPs should bear security burden Mark Andrews (Apr 29)
- RE: Schneier: ISPs should bear security burden Steven J. Sobol (Apr 29)
- RE: Schneier: ISPs should bear security burden Miller, Mark (Apr 29)
- RE: Schneier: ISPs should bear security burden Dave Rand (Apr 29)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 27)